f



ssh->sudo tcgetattr: Invalid argument

I am responsible for backing up close to 250 servers and
workstations.  For the servers (mostly debian), I use something like
this (where rsyncSend contains: /usr/bin/rsync $*):

/usr/bin/ssh -pXXXX -q -x -l backup tobe.backedup.com sudo /var/
backups/rsyncSend ...

Recently some CentOS boxes have been thrown into the mix.  With the
above command, I get:

Got remote protocol 1868854643
Fatal error (bad version): sudo: sorry, you must have a tty to run
sudo

Reading the man page of ssh, I figure it makes sense to add -t to
create a tty on the remote system:

/usr/bin/ssh -t -pXXXX -q -x -l backup tobe.backedup.com sudo /var/
backups/rsyncSend ...

I get the same error, so decide it's a good idea to add a second -t
since the ssh is not running from a tty on the local host:

/usr/bin/ssh -t -t -pXXXX -q -x -l backup tobe.backedup.com sudo /var/
backups/rsyncSend ...

Now I get a new error:

Got remote protocol 1701274484
Fatal error (bad version): tcgetattr: Invalid argument

I'm stuck at this point.  This only happens on the CentOS servers.
And it only happens if the command is run from a process without a
tty, it works from the command line.  I've disabled selinux on both
ends.  Any ideas?

Thanks in advance,

James

0
11/20/2008 7:11:40 PM
comp.security.ssh 4228 articles. 0 followers. terra1024 (490) is leader. Post Follow

1 Replies
2012 Views

Similar Articles

[PageSpeed] 25

daoist wrote:
> I am responsible for backing up close to 250 servers and
> workstations.  For the servers (mostly debian), I use something like
> this (where rsyncSend contains: /usr/bin/rsync $*):
> 
> /usr/bin/ssh -pXXXX -q -x -l backup tobe.backedup.com sudo /var/
> backups/rsyncSend ...
> 
> Recently some CentOS boxes have been thrown into the mix.  With the
> above command, I get:
> 
> Got remote protocol 1868854643
> Fatal error (bad version): sudo: sorry, you must have a tty to run
> sudo

This is an RHEL 5 change. Cron jobs don't have an associated tty.

You can either edit the /etc/sudoers to comment out the line 'Defaults 
requiretty' to allow non-tty connections, which I do *NOT* recommend, or use 
service specific keys to access the target as root and restrict the commands 
to rsync, like the 'validate-rsync' as described here:

	http://troy.jdmz.net/rsync/index.html
0
nkadel (705)
11/21/2008 2:29:38 AM
Reply:

Similar Artilces:

SSH over SSH
Hi all, Our university network is accessed through a gateway machine, which accepts SSH connections and from which I can SSH onto other machines. I'm looking to write a program to make it easy for Mac OS X users to set up tunnels. Part of this involves storing passwords in the keychain. If I just want to forward a local port to the gateway machine, I can set SSH_ASKPASS to something suitable which looks in the keychain. However, if I want to forward a local port to another machine on my university network, i.e., another hop, I need to somehow have an SSH_ASKPASS utility on the gateway m...

ssh ssh
I am trying to write a script that takes a list of hosts and sshs into the first one and then can ssh to other ones. I can only ssh to the other hosts from the first host. Here is what I tried: I think it is waiting for the ssh to the first host to finish. I guess I could scp a partial hostlist and a program to *.domain and then run the program remotely. Am I on a right track? #!/bin/perl use strict; open( HL, '<hostlist3.txt' ) || die "can't open hostlist3"; #!/bin/perl use strict; open( HL, '<hostlist3.txt' ) || die "can't open hostlist3&qu...

ssh to ssh
I have the following scenerio: Remote PC with Xmanager small linux gateway, with sshd and ssh but no X software local host with sshd and X software I am trying to do the following from the remote PC: ssh -X (gateway addr. x.x.x.x "ssh -X (local host add 192.168.25.40) xterm" and it is failing. Please help if possible. Looking at the verbose output I see: OpenSSH_3.8.1p1, OpenSSL 0.9.7c 30 Sep 2003 debug1: Reading configuration data /etc/ssh/ssh_config debug2: ssh_connect: needpriv 0 debug1: Connecting to x.x.x.x [x.x.x.x] port 80. debug1: Connection established. debug1: ident...

net::ssh::Perl connecting to f-secure ssh server
Hi, I asked this on the wonderful Perlmonks site and am repeating here incase the one with the answer is here and not there.... We need to write a script that will connect to a softswitch (Ericsson), run commands retrieving output to files and sometimes using some of that output as parameters to more commands. The softswitch runs on Windows NT server and uses F-Secure 3.2.0. The client box will be Solaris with Perl 5.8.8. I can run ssh from the shell and connect OK. I can run the "commands" and see output on screen. I have started to write a demo in Perl and I can login f...

SSH Keys: MULTINET SSH Client to TCPIP SSH Server
Has anyone here had occasion to configure a Multinet 4.4 SSH client to use public key authentication when connecting to an HP TCPIP (5.4) SSH Server? I created my public/private DSA key pair on the Multinet host, copied the public key to my [.SSH2] directory on the TCPIP server, and referenced the new key in the TCPIP server's AUTHENTICATION file. From what I understand of the TCPIP SSH docs, the format of the public key file is a single (long) line, beginning with the key type and followed by the key value, e.g.: ssh-dss AAAAB3NzaC1kc...sf5C4quB5GaOVn+zogU= So after I copied my public key to the TCPIP host, I edited it with EVE to get it into the format shown above. Was this my mistake? Shuold I have used another method to make these two SSH implementations compatible? On the Multinet client, the same public key appears in this format: ---- BEGIN SSH2 PUBLIC KEY ---- Subject: <username> AAAAB3NzaC1kc... ... sf5C4quB5GaOVn+zogU= ---- END SSH2 PUBLIC KEY ---- To make the SSH connection, I entered this command on the MU host and received the following responses: $ SSH/USER=<host2username>/IDENT=<private key filename> <host> warning: <MUhostdev:[dir.SSH2]<private-key>.: 4: parsing line failed. warning: <MUhostdev:[dir.SSH2]<private-key>.: 5: parsing line failed. warning: <MUhostdev:[dir.SSH2]<private-key>.: 6: parsing line failed. warning: <MUhostdev:[dir.SSH2]<private-key>.: 7: parsi...

stty: : Invalid argument Using SSH
In a script, I was using SSH to run a command on a remote server. I got the message "stty : : invalid argument." It took me a while to figure out why. An interactive shell reads commands from user input on a tty. If you're executing ssh inside a script to run a command on another server, ssh logs into the server as a specific user, and executes the command on the server in a non-interactive shell. Command shells in the sh family execute ~/.profile and ~/.bash_profile once at login, and ~/.kshrc and ~/.bashrc when ever a new shell starts. Command shells in the csh family execute ...

x windows over ssh and over ssh
Hi I have some problems with setting up x windows over ssh. I have x-win32 and putty on my home computer. And I can ssh to a solaris romote machine. And on the romote machine I can ssh to a linux machine behind the solaris. The problem is how I can set up tunnels (Maybe it's the way.) That I can run x client on linux machine and display on my home computer. Thanks very much! pipehappy wrote: > Hi > > I have some problems with setting up x windows over ssh. > > I have x-win32 and putty on my home computer. > And I can ssh to a solaris romote machine. > And on th...

SSH Keygen
Hi, Wonder if anyone can help. I've got Server A on which I run "ssh-keygen -d" to generate the id_dsa.pub file (amongst others). I copy this so Server B, and go into /home/myuser folder, and I'm all set to type "cat /tmp/id_dsa.pub >> authorized_keys2" in the .ssh folder, but the problem is that there are no .ssh folders to do this in. What should I do? I've been following the two links: http://acd.ucar.edu/~fredrick/linux/ssh.html http://cfm.gs.washington.edu/security/ssh/client-pkauth/ but they don't really help on this issue. Can anyone help? ...

shell ssh over a ssh tunnel
hello i have a ssh tunnel available between internet/intranet network. but i can not login the gateway. only forward is available. how can i open a shell on a sshd server inside intranet throw the ssh gateway. ssh -N -L 22:sshd_intranet:22 sshd_gateway it do not work, ssh localhost returns: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle att...

ssh -> vim -> colors ?
Hello! I log into my uni via ssh. The server runs on AIX, and it looks like their terminal does not support colors. I actually don't know nothing about this, so i am wondering : Is there a way to make the (selfcompiled) hosts vim use colors ? Does it solely depend on the hosts terminal, weather i can have colors on my client or not ? thx -ap muede <muede73@gmx.de> wrote: > Hello! > > I log into my uni via ssh. The server runs on AIX, and it looks like > their terminal does not support colors. I actually don't know nothing > about this, so i am wondering : > > Is there a way to make the (selfcompiled) hosts vim use colors ? > Does it solely depend on the hosts terminal, weather i can have colors > on my client or not ? What is the value of the $TERM environment variable when you log in to the AIX machine ? -- :wq ^X^Cy^K^X^C^C^C^C Ico wrote: > muede <muede73@gmx.de> wrote: >> Hello! >> >> I log into my uni via ssh. The server runs on AIX, and it looks like >> their terminal does not support colors. I actually don't know nothing >> about this, so i am wondering : >> >> Is there a way to make the (selfcompiled) hosts vim use colors ? >> Does it solely depend on the hosts terminal, weather i can have colors >> on my client or not ? > > What is the value of the $TERM environment variable when you log in to &...

cannot connect through ssh after ssh-shutdown
Hi, I was trying to restart a computer remotely using ssh (putty), and I think that I may have shut it down? I tried shutdown -r now, and that didn't seem to work. So I tried: shutdown -r now halt poweroff After issuing the poweroff command, the putty terminal hung for 5 minutes or so until I closed it. When I try to reconnect through putty, putty immediately errors out with "Network error: connection refused". Did I shut down the server? Thanks Dave In article <c0558eee-a099-4ea1-a5ba-76780a882112@m73g2000hsh.googlegroups.com>, davids <davidshumway@gmail.com> writes: > Hi, > > I was trying to restart a computer remotely using ssh (putty), and I > think that I may have shut it down? I tried shutdown -r now, and that > didn't seem to work. So I tried: > > shutdown -r now > halt > poweroff > > After issuing the poweroff command, the putty terminal hung for 5 > minutes or so until I closed it. When I try to reconnect through > putty, putty immediately errors out with "Network error: connection > refused". Did I shut down the server? > > Thanks > Dave Yep, sure did. Either poweroff or halt will stop the machine entirely. This assumes you had root/superuser privilege on the remote machine. Assuming the remote machine is a unix box and you were using your ssh connection as a terminal screen, next time you might want to try "sync;sync;sync;{reboot|fastboot}". Again, as...

SSH and CVS over SSH Tunnel
Hi! I'm trying to get a somehow compicated setup to work. Up to now it worked from time to time but now i can't get it to work at all any more. This is my situation: Linux1 --- NAT Firewall dyn.IP --- Linux2 stat.IP --- Windows dyn.IP I want to access the Linux1 via SSH from my Windows PC. Therefore I dial in, send a mail to a POP account that gets checked by my Linux1 and if there's a mail Linux1 establishes two Remote SSH Tunnels to my Linux2 linux1% ssh -R 2401:localhost:2401 linux2 -R 2422:localhost:22 -N linux2 Therefore my Firewall estabishes a connection to my ISP. ...

How secure is ssh?
The problem: at work a group of *nix admins, myself included, are attempting to "buck the system." There is an auditing tool being rolled-out that logs into every *nix/linux box (tens of thousands of them) using a particular user name and authenticating with a passwordless (nothing in /etc/shadow or /etc/master.passwd, etc.) ssh connection -- the public ssh key for the username being put in /home/username/.ssh on every "client." The account is non-priveledged, ie., no root access -- just a regular user. We are attempting to explain that putting the same user account (wi...

ssh security
I was in wonder when a pair key is generated by openssh, is there any other file that is being written which keeps some info about the keys being generated???. how to time stamp a key to expire it at certain date? ?? how do I know if a key is being time stamped? Thanks for any help >>>>> "Linda" == Linda @ NY <sexypunda@yahoo.com> writes: Linda> I was in wonder when a pair key is generated by openssh, is Linda> there any other file that is being written which keeps some Linda> info about the keys being generated???. No; just the two ...

ssh security
Hi folks, question about ssh, (if anyone knows of a more suitable group please let me know) If you try to log into a remote machine that you're not allowed access to, you still get a display of a load of info e.g. OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090607f debug1: Reading configuration data /usr/local/etc/ssh_config debug1: Rhosts Authentication disabled, originating port will not be trusted. debug1: ssh_connect: needpriv 0 debug1: Connecting to bounty [10.230.199.220] port 22. debug1: Connection established. debug1: identity file /home/rreynold/.ssh/identity type -1 debug1...

Using ssh forwarding for ssh itself.
I'm trying to ssh into my (Linux) computer at work. Normally I ssh into the department's main (Unix) computer, then ssh into my own, but I thought I'd try out port forwarding. So in one xterm I do this: $ ssh -L 9999:my_computer:22 main_computer [main_computer prints login message then the following] channel 3: open failed: administratively prohibited: open failed channel 3: open failed: administratively prohibited: open failed In another xterm, I try this: $ netstat -tl [shows my computer is listening on 9999] $ ssh -p 9999 -v localhost debug1: Reading configuration data /home/adam/.ssh/config debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to localhost [127.0.0.1] port 9999. debug1: Connection established. debug1: identity file /home/adam/.ssh/identity type -1 debug1: identity file /home/adam/.ssh/id_rsa type -1 debug1: identity file /home/adam/.ssh/id_dsa type -1 ssh_exchange_identification: Connection closed by remote host Does the "administratively prohibited" message mean that main_computer is configured not to allow this? Or am I doing something wrong? If I can get this working, will I also be able to use scp directly from my home computer to my desktop (instead of copying to my account on main_computer first)? Thanks, Adam In comp.security.ssh Adam Funk <a24061@ducksburg.com> wrote: > I'm trying to ssh into my (Linux) computer at work. Normally I ssh > in...

How to secure SSH from low security app server to high security DB server?
We need to be able to run commands from a low security application server (as this is running web servers and thus a large number of people have access to the web servers) to a high security database server. I would like to use SSH (maybe a locked down ssh server) to do this but the system administrators will not allow this as they say that if a bug is found with the SSH server then the secure database server could be compromised by the compromised SSH server. The sysadmins want us to come up with another way of running commands on the database server from the application server. I th...

SSH
I created a keypair $ssh-keygen -t rsa and I sent the public key to the remote host $cat ~/.ssh/id_rsa.pub | ssh 10.0.0.8 sh -c "cat >> ~/.ssh/authorized_keys" Now I shouldn't supply the password every time I log in, but when I execute $ssh giuseppe@10.0.0.8 I still need to type the password!!! Thanks!!! On Mon, 18 Oct 2004 10:49:01 +0000, giuseppe wrote: > I created a keypair > $ssh-keygen -t rsa > and I sent the public key to the remote host > $cat ~/.ssh/id_rsa.pub | ssh 10.0.0.8 sh -c "cat >> ~/.ssh/authorized_keys" > > Now I ...

ssh
Is this the best way to use ssh ? How can i use ssh keys instead of passwords ? I dont understand what happens when pid does not equal 0 , where does the cmd get executed when pid is not 0 ? How do you close the connection ? # http://mail.python.org/pipermail/python-list/2002-July/155390.html import os, time def ssh(user, rhost, pw, cmd): pid, fd = os.forkpty() if pid == 0: os.execv("/bin/ssh", ["/bin/ssh", "-l", user, rhost] + cmd) else: time.sleep(0.2) os.read(fd, 1000) time.sleep(0.2) os.write(fd, pw + "\n") time.sleep(0.2) res = &#...

SSH
Thanks to all for the reply on sockets, a second question Does SSH encrypt data being sent or is pre-encryption needed? Ta muchly Ian Warner * To join/leave the list, search archives, change list settings, * * etc., please visit http://raven.utc.edu/archives/hp3000-l.html * Ian Warner wrote: > Thanks to all for the reply on sockets, a second question > > Does SSH encrypt data being sent or is pre-encryption needed? SSH (and SSL, SCP, TLS, et al) encrypts data in transit only. Using the standard APIs, you don't see the encrypted forms (you just supply the ...

ssh
hallo newsgroup, i am newbie in aix, what are the exact! steps to get a connection from internet trhough ssh / ssl to a aix machine? what exactly have i to install where and what to know? i have a laptop running cygwin and able to connect via ssh to a suse machine .... bernd ...

ssh
Just got a requirement to get our system using ssh instead of telnet for some security compliance cert. Does anyone know how to do this with D3. I can already ssh into the box, just trying to understand how to get the D3 connection setup. Thanks. On Oct 23, 3:31 pm, "Bob Frank" <bg...@comcast.net> wrote: > Just got a requirement to get our system using ssh instead of telnet for > some security compliance cert. > Does anyone know how to do this with D3. > I can already ssh into the box, just trying to understand how to get the D3 > connection setup. > Thanks. I use Accuterm. My users login to the Linux box then .bashrc in their home directory logs them into D3 on a specific line#. Exit logs them all the way back out to a Linux login prompt. ruce Thanks. Is there a better way? One that would be more transparent? One that would grab the next available port as telnet does? "bruce ackman" <brucea@lewissupplyva.com> wrote in message news:1193169849.043644.274130@e9g2000prf.googlegroups.com... > On Oct 23, 3:31 pm, "Bob Frank" <bg...@comcast.net> wrote: >> Just got a requirement to get our system using ssh instead of telnet for >> some security compliance cert. >> Does anyone know how to do this with D3. >> I can already ssh into the box, just trying to understand how to get the >> D3 >> connection setup. >> Thanks. > ...

ssh
I enabled ssh on my iMac running 10.11.2. But I can't ssh in to my (non-admin) account from my Macbook (on the same network), because my password is rejected. After three attempts I get this message: Permission denied (publickey, keyboard-interactive) The result is the same with the three other non-admin accounts on the iMac. The only account I can successfully ssh into is the admin account. From there I suppose I could su into the account I want, but that seems like a rather roundabout way to do it. Is this the way ssh is supposed to work on 10.11? Admin accounts onl...

ssh
Hi, How to set ssh server when the system is already installed, and how to add users with their passwords.. Tx bernard wrote: > Hi, Hi, > How to set ssh server when the system is already installed, and how to add > users with their passwords.. just type /stand/sysintall as root; go to Configure -> Networking and activate sshd... read the ssh and sshd manpages... edit the config to fit your needs. sysinstall also have an easy to use user manager under configure. read adduser and add group manpage. A must read is the freebsd hanbook aivaillable at : http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ have fun, -- MaXX ...

Web resources about - ssh->sudo tcgetattr: Invalid argument - comp.security.ssh

Resources last updated: 3/7/2016 6:58:06 PM